net-http-digest_auth 1.2 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. data.tar.gz.sig +1 -4
  2. data/History.txt +5 -0
  3. data/README.txt +9 -14
  4. data/Rakefile +1 -4
  5. data/lib/net/http/digest_auth.rb +16 -8
  6. data/sample/auth_server.rb +0 -1
  7. data/test/test_net_http_digest_auth.rb +14 -11
  8. metadata +46 -25
  9. metadata.gz.sig +1 -3
data.tar.gz.sig CHANGED
@@ -1,4 +1 @@
1
- E��$"y,�N�gZ��坲����9��rw#2ɰG�>$�V��MI����,
2
- Ϸ�UЫDԉ�B�v\�j�c�9����1�|a
3
- ��$`_��q���4�54��?i�cS8���.�ʘfǾE�j7r
4
- !W�p&�VPk���
1
+ {�)K�˶�[�k\�.n߰�h2���{Z�����oD��}� �i��܍=N|��M���Ǐ*�ۜIe�_a.�T]~J���Xi���t�Z���W����P��hl�ᾕUw����Mg4�x�_����%�տ��ާNg���s�d}PU�������~�2�<�k��IS���ϧ��e�ԫ)7ظ&eK��;`;�s�{�#�3�a=:b�7�n�V���+�2�+�9Fd~s9)��k�":ay�E
data/History.txt CHANGED
@@ -1,3 +1,8 @@
1
+ === 1.2.1
2
+
3
+ * Bug fix
4
+ * Fixed -sess authentication. This also fixes pull request #4 by joe81
5
+
1
6
  === 1.2 / 2011-11-22
2
7
 
3
8
  * Minor enhancement
data/README.txt CHANGED
@@ -1,23 +1,18 @@
1
1
  = net-http-digest_auth
2
2
 
3
- * http://github.com/drbrain/net-http-digest_auth
4
- * http://seattlerb.rubyforge.org/net-http-digest_auth
5
- * http://www.rfc-editor.org/rfc/rfc2617.txt
3
+ code :: http://github.com/drbrain/net-http-digest_auth
4
+ rdoc :: http://docs.seattlerb.org/net-http-digest_auth
5
+ other :: http://www.rfc-editor.org/rfc/rfc2617.txt
6
6
 
7
7
  == DESCRIPTION:
8
8
 
9
9
  An implementation of RFC 2617 - Digest Access Authentication. At this time
10
- the gem does not fully integrate with Net::HTTP and can be used for with other
11
- HTTP clients.
10
+ the gem does not drop in to Net::HTTP and can be used for with other HTTP
11
+ clients.
12
12
 
13
- == FEATURES/PROBLEMS:
14
-
15
- * Implements RFC 2617 for digest authentication
16
- * Does not fully integrate with Net::HTTP
17
-
18
- == SYNOPSIS:
19
-
20
- See Net::HTTP::DigestAuth
13
+ In order to use net-http-digest_auth you'll need to perform some request
14
+ wrangling on your own. See the class documentation at Net::HTTP::DigestAuth
15
+ for an example.
21
16
 
22
17
  == INSTALL:
23
18
 
@@ -27,7 +22,7 @@ HTTP clients.
27
22
 
28
23
  (The MIT License)
29
24
 
30
- Copyright (c) 2010 Eric Hodel
25
+ Copyright (c) Eric Hodel
31
26
 
32
27
  Permission is hereby granted, free of charge, to any person obtaining
33
28
  a copy of this software and associated documentation files (the
data/Rakefile CHANGED
@@ -5,14 +5,11 @@ require 'hoe'
5
5
 
6
6
  Hoe.plugin :git
7
7
  Hoe.plugin :minitest
8
+ Hoe.plugin :travis
8
9
 
9
10
  Hoe.spec 'net-http-digest_auth' do
10
- self.rubyforge_name = 'seattlerb'
11
11
  developer 'Eric Hodel', 'drbrain@segment7.net'
12
12
 
13
- spec_extras['homepage'] =
14
- 'http://docs.seattlerb.org/net-http-digest_auth'
15
-
16
13
  rdoc_locations <<
17
14
  'docs.seattlerb.org:/data/www/docs.seattlerb.org/net-http-digest_auth/'
18
15
  rdoc_locations <<
data/lib/net/http/digest_auth.rb CHANGED
@@ -14,6 +14,8 @@ require 'monitor'
14
14
  # require 'net/http'
15
15
  # require 'net/http/digest_auth'
16
16
  #
17
+ # digest_auth = Net::HTTP::DigestAuth.new
18
+ #
17
19
  # uri = URI.parse 'http://localhost:8000/'
18
20
  # uri.user = 'username'
19
21
  # uri.password = 'password'
@@ -23,13 +25,15 @@ require 'monitor'
23
25
  # req = Net::HTTP::Get.new uri.request_uri
24
26
  #
25
27
  # res = h.request req
28
+ # # res is a 401 response with a WWW-Authenticate header
26
29
  #
27
- # digest_auth = Net::HTTP::DigestAuth.new
28
30
  # auth = digest_auth.auth_header uri, res['www-authenticate'], 'GET'
29
31
  #
32
+ # # create a new request with the Authorization header
30
33
  # req = Net::HTTP::Get.new uri.request_uri
31
34
  # req.add_field 'Authorization', auth
32
35
  #
36
+ # # re-issue request with Authorization
33
37
  # res = h.request req
34
38
 
35
39
  class Net::HTTP::DigestAuth
@@ -44,7 +48,7 @@ class Net::HTTP::DigestAuth
44
48
  ##
45
49
  # Version of Net::HTTP::DigestAuth you are using
46
50
 
47
- VERSION = '1.2'
51
+ VERSION = '1.2.1'
48
52
 
49
53
  ##
50
54
  # Creates a new DigestAuth header creator.
@@ -80,10 +84,14 @@ class Net::HTTP::DigestAuth
80
84
 
81
85
  www_authenticate =~ /^(\w+) (.*)/
82
86
 
87
+ challenge = $2
88
+
83
89
  params = {}
84
- $2.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
90
+ challenge.gsub(/(\w+)="(.*?)"/) { params[$1] = $2 }
85
91
 
86
- qop = params['qop']
92
+ challenge =~ /algorithm=(.*?)([, ]|$)/
93
+
94
+ params['algorithm'] = $1 || 'MD5'
87
95
 
88
96
  if params['algorithm'] =~ /(.*?)(-sess)?$/
89
97
  algorithm = case $1
@@ -97,20 +105,19 @@ class Net::HTTP::DigestAuth
97
105
  else raise Error, "unknown algorithm \"#{$1}\""
98
106
  end
99
107
  sess = $2
100
- else
101
- algorithm = Digest::MD5
102
- sess = false
103
108
  end
104
109
 
105
110
  a1 = if sess then
106
111
  [ algorithm.hexdigest("#{user}:#{params['realm']}:#{password}"),
107
112
  params['nonce'],
108
- params['cnonce']
113
+ @cnonce,
109
114
  ].join ':'
110
115
  else
111
116
  "#{user}:#{params['realm']}:#{password}"
112
117
  end
113
118
 
119
+ qop = params['qop']
120
+
114
121
  ha1 = algorithm.hexdigest a1
115
122
  ha2 = algorithm.hexdigest "#{method}:#{uri.request_uri}"
116
123
 
@@ -122,6 +129,7 @@ class Net::HTTP::DigestAuth
122
129
  header = [
123
130
  "Digest username=\"#{user}\"",
124
131
  "realm=\"#{params['realm']}\"",
132
+ "algorithm=#{params['algorithm']}",
125
133
  if qop.nil? then
126
134
  elsif iis then
127
135
  "qop=\"#{qop}\""
data/sample/auth_server.rb CHANGED
@@ -16,7 +16,6 @@ class AuthServlet < WEBrick::HTTPServlet::AbstractServlet
16
16
  config[:Realm] = 'net-http-digest_auth'
17
17
  config[:UseOpaque] = false
18
18
  config[:AutoReloadUserDB] = false
19
- config[:Algorithm] = 'MD5'
20
19
 
21
20
  passwd_file = Tempfile.new 'net-http-digest_auth'
22
21
  passwd_file.close
data/test/test_net_http_digest_auth.rb CHANGED
@@ -19,6 +19,7 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
19
19
  @expected = [
20
20
  'Digest username="user"',
21
21
  'realm="www.example.com"',
22
+ 'algorithm=MD5',
22
23
  'qop=auth',
23
24
  'uri="/"',
24
25
  'nonce="4107baa081a592a6021660200000cd6c5686ff5f579324402b374d83e2c9"',
@@ -37,14 +38,14 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
37
38
  def test_auth_header
38
39
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
39
40
 
40
- @expected[5] = 'nc=00000001'
41
- @expected[7] = 'response="1f5f0cd1588690c1303737f081c0b9bb"'
41
+ @expected[6] = 'nc=00000001'
42
+ @expected[8] = 'response="1f5f0cd1588690c1303737f081c0b9bb"'
42
43
 
43
44
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
44
45
  end
45
46
 
46
47
  def test_auth_header_iis
47
- @expected[2] = 'qop="auth"'
48
+ @expected[3] = 'qop="auth"'
48
49
 
49
50
  assert_equal expected, @da.auth_header(@uri, @header, 'GET', true)
50
51
  end
@@ -52,8 +53,8 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
52
53
  def test_auth_header_no_qop
53
54
  @header.sub! ' qop="auth",', ''
54
55
 
55
- @expected[7] = 'response="32f6ca1631ccf7c42a8075deff44e470"'
56
- @expected.slice! 2
56
+ @expected[8] = 'response="32f6ca1631ccf7c42a8075deff44e470"'
57
+ @expected.slice! 3
57
58
 
58
59
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
59
60
  end
@@ -66,29 +67,31 @@ class TestNetHttpDigestAuth < MiniTest::Unit::TestCase
66
67
  end
67
68
 
68
69
  def test_auth_header_post
69
- @expected[7] = 'response="d82219e1e5430b136bbae1670fa51d48"'
70
+ @expected[8] = 'response="d82219e1e5430b136bbae1670fa51d48"'
70
71
 
71
72
  assert_equal expected, @da.auth_header(@uri, @header, 'POST')
72
73
  end
73
74
 
74
75
  def test_auth_header_sess
75
- @header << 'algorithm="MD5-sess"'
76
+ @header << ', algorithm=MD5-sess'
76
77
 
77
- @expected[7] = 'response="76d3ff10007496cee26c61f9d04c72a8"'
78
+ @expected[2] = 'algorithm=MD5-sess'
79
+ @expected[8] = 'response="c22c5bd9112a86ca78ddc1ae772daeeb"'
78
80
 
79
81
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
80
82
  end
81
83
 
82
84
  def test_auth_header_sha1
83
- @expected[7] = 'response="2cb62fc18f7b0ebdc34543f896bb7768"'
85
+ @expected[2] = 'algorithm=SHA1'
86
+ @expected[8] = 'response="2cb62fc18f7b0ebdc34543f896bb7768"'
84
87
 
85
- @header << 'algorithm="SHA1"'
88
+ @header << 'algorithm=SHA1'
86
89
 
87
90
  assert_equal expected, @da.auth_header(@uri, @header, 'GET')
88
91
  end
89
92
 
90
93
  def test_auth_header_unknown_algorithm
91
- @header << 'algorithm="bogus"'
94
+ @header << 'algorithm=bogus'
92
95
 
93
96
  e = assert_raises Net::HTTP::DigestAuth::Error do
94
97
  @da.auth_header @uri, @header, 'GET'
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: net-http-digest_auth
3
3
  version: !ruby/object:Gem::Version
4
- hash: 11
4
+ hash: 29
5
5
  prerelease:
6
6
  segments:
7
7
  - 1
8
8
  - 2
9
- version: "1.2"
9
+ - 1
10
+ version: 1.2.1
10
11
  platform: ruby
11
12
  authors:
12
13
  - Eric Hodel
@@ -15,9 +16,9 @@ bindir: bin
15
16
  cert_chain:
16
17
  - |
17
18
  -----BEGIN CERTIFICATE-----
18
- MIIDNjCCAh6gAwIBAgIBADANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
19
+ MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMRAwDgYDVQQDDAdkcmJy
19
20
  YWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZFgNu
20
- ZXQwHhcNMDcxMjIxMDIwNDE0WhcNMDgxMjIwMDIwNDE0WjBBMRAwDgYDVQQDDAdk
21
+ ZXQwHhcNMTIwMjI4MTc1NDI1WhcNMTMwMjI3MTc1NDI1WjBBMRAwDgYDVQQDDAdk
21
22
  cmJyYWluMRgwFgYKCZImiZPyLGQBGRYIc2VnbWVudDcxEzARBgoJkiaJk/IsZAEZ
22
23
  FgNuZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbbgLrGLGIDE76
23
24
  LV/cvxdEzCuYuS3oG9PrSZnuDweySUfdp/so0cDq+j8bqy6OzZSw07gdjwFMSd6J
@@ -25,17 +26,18 @@ cert_chain:
25
26
  Gj/okWrQl0NjYOYBpDi+9PPmaH2RmLJu0dB/NylsDnW5j6yN1BEI8MfJRR+HRKZY
26
27
  mUtgzBwF1V4KIZQ8EuL6I/nHVu07i6IkrpAgxpXUfdJQJi0oZAqXurAV3yTxkFwd
27
28
  g62YrrW26mDe+pZBzR6bpLE+PmXCzz7UxUq3AE0gPHbiMXie3EFE0oxnsU3lIduh
28
- sCANiQ8BAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
29
- BBS5k4Z75VSpdM0AclG2UvzFA/VW5DANBgkqhkiG9w0BAQUFAAOCAQEAHagT4lfX
30
- kP/hDaiwGct7XPuVGbrOsKRVD59FF5kETBxEc9UQ1clKWngf8JoVuEoKD774dW19
31
- bU0GOVWO+J6FMmT/Cp7nuFJ79egMf/gy4gfUfQMuvfcr6DvZUPIs9P/TlK59iMYF
32
- DIOQ3DxdF3rMzztNUCizN4taVscEsjCcgW6WkUJnGdqlu3OHWpQxZBJkBTjPCoc6
33
- UW6on70SFPmAy/5Cq0OJNGEWBfgD9q7rrs/X8GGwUWqXb85RXnUVi/P8Up75E0ag
34
- 14jEc90kN+C7oI/AGCBN0j6JnEtYIEJZibjjDJTSMWlUKKkj30kq7hlUC2CepJ4v
35
- x52qPcexcYZR7w==
29
+ sCANiQ8BAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
30
+ BBS5k4Z75VSpdM0AclG2UvzFA/VW5DAfBgNVHREEGDAWgRRkcmJyYWluQHNlZ21l
31
+ bnQ3Lm5ldDAfBgNVHRIEGDAWgRRkcmJyYWluQHNlZ21lbnQ3Lm5ldDANBgkqhkiG
32
+ 9w0BAQUFAAOCAQEAPeWzFnrcvC6eVzdlhmjUub2s6qieBkongKRDHQz5MEeQv4LS
33
+ SARnoHY+uCAVL/1xGAhmpzqQ3fJGWK9eBacW/e8E5GF9xQcV3mE1bA0WNaiDlX5j
34
+ U2aI+ZGSblqvHUCxKBHR1s7UMHsbz1saOmgdRTyPx0juJs68ocbUTeYBLWu9V4KP
35
+ zdGAG2JXO2gONg3b4tYDvpBLbry+KOX27iAJulUaH9TiTOULL4ITJVFsK0mYVqmR
36
+ Q8Tno9S3e4XGGP1ZWfLrTWEJbavFfhGHut2iMRwfC7s/YILAHNATopaJdH9DNpd1
37
+ U81zGHMUBOvz/VGT6wJwYJ3emS2nfA2NOHFfgA==
36
38
  -----END CERTIFICATE-----
37
39
 
38
- date: 2011-11-23 00:00:00 Z
40
+ date: 2012-05-18 00:00:00 Z
39
41
  dependencies:
40
42
  - !ruby/object:Gem::Dependency
41
43
  name: minitest
@@ -45,32 +47,51 @@ dependencies:
45
47
  requirements:
46
48
  - - ~>
47
49
  - !ruby/object:Gem::Version
48
- hash: 15
50
+ hash: 21
49
51
  segments:
50
52
  - 2
51
- - 6
52
- version: "2.6"
53
+ - 11
54
+ version: "2.11"
53
55
  type: :development
54
56
  version_requirements: *id001
55
57
  - !ruby/object:Gem::Dependency
56
- name: hoe
58
+ name: rdoc
57
59
  prerelease: false
58
60
  requirement: &id002 !ruby/object:Gem::Requirement
59
61
  none: false
60
62
  requirements:
61
63
  - - ~>
62
64
  - !ruby/object:Gem::Version
63
- hash: 27
65
+ hash: 19
64
66
  segments:
65
- - 2
66
- - 12
67
- version: "2.12"
67
+ - 3
68
+ - 10
69
+ version: "3.10"
68
70
  type: :development
69
71
  version_requirements: *id002
72
+ - !ruby/object:Gem::Dependency
73
+ name: hoe
74
+ prerelease: false
75
+ requirement: &id003 !ruby/object:Gem::Requirement
76
+ none: false
77
+ requirements:
78
+ - - ~>
79
+ - !ruby/object:Gem::Version
80
+ hash: 7
81
+ segments:
82
+ - 3
83
+ - 0
84
+ version: "3.0"
85
+ type: :development
86
+ version_requirements: *id003
70
87
  description: |-
71
88
  An implementation of RFC 2617 - Digest Access Authentication. At this time
72
- the gem does not fully integrate with Net::HTTP and can be used for with other
73
- HTTP clients.
89
+ the gem does not drop in to Net::HTTP and can be used for with other HTTP
90
+ clients.
91
+
92
+ In order to use net-http-digest_auth you'll need to perform some request
93
+ wrangling on your own. See the class documentation at Net::HTTP::DigestAuth
94
+ for an example.
74
95
  email:
75
96
  - drbrain@segment7.net
76
97
  executables: []
@@ -121,8 +142,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
121
142
  version: "0"
122
143
  requirements: []
123
144
 
124
- rubyforge_project: seattlerb
125
- rubygems_version: 1.8.10
145
+ rubyforge_project: net-http-digest_auth
146
+ rubygems_version: 1.8.21
126
147
  signing_key:
127
148
  specification_version: 3
128
149
  summary: An implementation of RFC 2617 - Digest Access Authentication
metadata.gz.sig CHANGED
@@ -1,3 +1 @@
1
- i�7��'���j�;�J ����hfA�{�M��'xhx�^M c+�� �Z_˗'X�.����ї�
2
- {����/ojt[�2C���N����gg7�#�tȩ�O�_�V�f���y�K�Mn���Jt}_�.���i}/�Q㏿<
3
- ���z���A75�c_���*���W��Ƀ��������DnʕD�Z_C�M�q�tՋ'3��X���]EV�7������ANk��r��v�c��!~1�xxP
1
+ 3�l��)�s0�{p���*6�j��e�f?�<4m9�WE��%(�7�[߽���Pj/�\��)��_�v�dTϳeeIY�I�&����t�Pek���U��T��hN36���W�ے��zt�2�ߞL���I#��ÈA�mtY{dH����V�s��0��ŌNIwfX�=PS�>�bO\����S.2����?)������_�J���ˆ޺�%�zH4�6�T)��&�El}+��_7�A�;��Q5G�N歷�����ߕ